<?php
#                                                                                 
# author: Cody Sorgenfrey                                       
# (c)2012 South Hill Calvary Chapel                                               
#                                                                                 
include_once("../root.inc.php");
include_once("../mysql/database_info.php");
include_once("../mysql/common.php");
include_once("../common.php");

connect_select_test("sermons");

if ((!$_GET['key']) || ($_GET['key'] != "yasuckasucka")){
	printf("Authentication error.");
} else {
	if (count($_GET) == 10){
		$uploaded = mysql_query("INSERT INTO `sermons` VALUES ('',
																'".mysql_real_escape_string($_GET['sermonPreacher'])."',
																'".mysql_real_escape_string($_GET['sermonDate'])."',
																'".mysql_real_escape_string($_GET['sermonService'])."',
																'".mysql_real_escape_string($_GET['sermonBook'])."',
																'".mysql_real_escape_string($_GET['sermonReference'])."',
																'".mysql_real_escape_string($_GET['sermonTitle'])."',
																'".mysql_real_escape_string($_GET['sermonType'])."',
																'".mysql_real_escape_string($_GET['file'])."',
																'',
																'',
																'',
																'".mysql_real_escape_string($_GET['seriesID'])."',
																'')");
		if ($uploaded){
			$id = mysql_fetch_array(mysql_query("SELECT * FROM `sermons` WHERE `date`='".mysql_real_escape_string($_GET['sermonDate'])."' && `title`='".mysql_real_escape_string($_GET['sermonTitle'])."'"));
			printf("http://www.southhillcalvary.org/sermon/%s", $id['id']);
		} else {
			printf("Error");
		}
	} else {
		printf("Missing values");
		print_r($_GET);
	}
}
?>